﻿<?php 
require_once("../comm/config.php");
require_once("../comm/utils.php");

function qq_callback()
{
    //debug
    //print_r($_REQUEST);
    //print_r($_SESSION);

    if($_REQUEST['state'] == $_SESSION['state']) //csrf
    {
        $token_url = "https://graph.qq.com/oauth2.0/token?grant_type=authorization_code&"
            . "client_id=" . $_SESSION["appid"]. "&redirect_uri=" . urlencode($_SESSION["callback"])
            . "&client_secret=" . $_SESSION["appkey"]. "&code=" . $_REQUEST["code"];

        $response = get_url_contents($token_url);
        if (strpos($response, "callback") !== false)
        {
            $lpos = strpos($response, "(");
            $rpos = strrpos($response, ")");
            $response  = substr($response, $lpos + 1, $rpos - $lpos -1);
            $msg = json_decode($response);
            if (isset($msg->error))
            {
                echo "<h3>error:</h3>" . $msg->error;
                echo "<h3>msg  :</h3>" . $msg->error_description;
                exit;
            }
        }

        $params = array();
        parse_str($response, $params);

        //debug
        //print_r($params);

        //set access token to session
        $_SESSION["access_token"] = $params["access_token"];

    }
    else 
    {
        echo("The state does not match. You may be a victim of CSRF.");
    }
}

function get_openid()
{
    $graph_url = "https://graph.qq.com/oauth2.0/me?access_token=" 
        . $_SESSION['access_token'];

    $str  = get_url_contents($graph_url);
    if (strpos($str, "callback") !== false)
    {
        $lpos = strpos($str, "(");
        $rpos = strrpos($str, ")");
        $str  = substr($str, $lpos + 1, $rpos - $lpos -1);
    }

    $user = json_decode($str);
    if (isset($user->error))
    {
        echo "<h3>error:</h3>" . $user->error;
        echo "<h3>msg  :</h3>" . $user->error_description;
        exit;
    }

    //debug
    //echo("Hello " . $user->openid);

    //set openid to session
    $_SESSION["openid"] = $user->openid;
}

//QQ登录成功后的回调地址,主要保存access token
qq_callback();

//获取用户标示id
get_openid();



//连接数据库
$conn = mysql_connect("localhost","yilunfenfen","data2012") or die ('Fail to connect localhost ');
		
mysql_select_db("food",$conn) or die ('Fail to connect db');
		
mysql_query("SET NAMES 'UTF8'");

include("../user/get_user_info.php");

$gender = $arr["gender"];

$nickname = $arr["nickname"];

$photoUrl = $arr['figureurl_2'];

$user_mail = substr($photoUrl,-10,6).'@qq.com';

$user_prepassword = substr($photoUrl,-10,6);

$user_password = md5(substr($photoUrl,-10,6));

$query_pre = mysql_query("select id from food_user_basic where user_mail = '$user_mail' order by id desc") or die(mysql_error());

$num_pre = mysql_num_rows($query_pre);

//header('Location:../../home.php');

if($num_pre === 0)
{
	$_SESSION['login_mail'] = $user_mail;
	
	$_SESSION['qq_nickname'] = $nickname;
	
	$_SESSION['qq_photoUrl'] = $photoUrl;
	
	$_SESSION['user_prepassword'] = $user_prepassword;
	
	mysql_query("insert into `food_user_basic` (id,nick,user_pass,user_mail,user_sex,create_time,photourl) values (null,'$nickname','$user_password','$user_mail','$gender',now(),'$photoUrl')") or die(mysql_error());
	
	
}else
{
	$_SESSION['login_mail'] = $user_mail;
	
	$_SESSION['qq_nickname'] = $nickname;
	
	$_SESSION['qq_photoUrl'] = $photoUrl;
	
	$_SESSION['user_prepassword'] = $user_prepassword;
	
	mysql_query("update food_user_basic set create_time = now() where user_mail = '$user_mail'") or die(msql_error());
}


//header('Location:home.php');
echo "<script>self.opener.location.href='../../home.php';</script>";

//print_r($_SESSION);
//include("../weibo/add_weibo.php");
//exit;
echo "<script>window.close();</script>";

?>







